Sabtu, 19 April 2014

Bihar Bharti Janta Party Official Website Hacked

Bihar Bharti Janta Party official website was defaced and Server was rooted by Pakistan Hackers and leaving a message on the website followed by the slogan “Pakistan Zindabad“.

#OP Modi was recently started by Pakistani Hackers targeting Modi’s related online websites.



Though the website gets restored, still the deface page or the content on that page can be read by going through the Mirror link.

 BJP Websites are being the frequent targets of Pakistani Hackers




Read more

Simple Upload 53 Shell Upload Vulnerability

This Vulnerability allows Hacker to upload Shell. Web Application vulnerability in"Simple Upload 53" PHP file allows an attacker to upload Backdoor shell code in your website.

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Lets Start:-

1). Paste the below dork in the google and click search.
inurl:simple-upload-53.php
2). After you search in Google you will find many Websites containing Simple-Upload-53.php at the end of url. Now simply open any of them.



3). Now you can see the upload option in the site. Here is the vulnerability, it allows you to upload files.
You can upload Backdoor shell as ".php.jpg" or ".php.gif" etc.

4). The uploaded shell will be in this place:
http://www.site.com/files/[Your File]
After uploading the shell , You can hack/deface the site.
Read more

WebTester File Upload Vulnerability



Hello Reader,Hope you all are enjoying my posts.. here Im back with new file upload vulnerability..
called WebTester File Upload Vulnerability . SO lets start..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-

1). GO to google and type the following dork..
Google Dork : inurl:go.php?testID= 
For More Results Use your Brain and create your own Dork..
Exploit :http://[target]/[path]/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
2). Now, upload your html , txt or jpg files



3). To find you uploaded file :-
 http://target/path/test-images/[yourfile].html
Enjoy...
Read more

Hack Web Sites Using IIS Exploit [For XP Users]


Hello Readers, I heard some of you are not getting out tutorials because u have no knowledge about Web hacking and you wanna learn web hacking .. So today i decided to write this tutorial for no0bs.

Because in this tutorial we are going to learn about IIS Web Hacking Exploit the Easiest way to hack for Noobs..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

By using this Exploit an attacker can upload shell , Deface web site delete data etc. etc can do every thing without login..:D . Yeah you heard Right.. I know you all are getting exited, So lets's start :-

Note:- this is only for Windows XP users. For Windows 7 user , i will post soon ...

Follow the Instructions:-

1). First Of all we need to find Vulnerable site. Go to google and type the following dork:-

Dork- Intext:"Powered by IIS

Actually there is no particular dork be Creative use mind and create your own unique dork :) ..

If you are unable to find Don't worry ..See the end of the tutorial i have posted some sites :)

2). After Finding Vuln Site .Click on Start button And open "RUN"


3). Now type the following code in "RUN"
%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}

4). Now a FOlder will open named "Web Folders"

Now Right Click in that folder then "New" And then  "Web Folder"..


5). Now paste the url of the Vulnerable site And CLick Next..


6). Now it will ask you to give Name for that Web Folder leave as it is Click Finish..


7). Congratulations! Now you are in the web site..If you wanna upload shell copy your Shell.php in to that folder and your shell will be uploded.. to path

Example : site.com/shell.php

Do the same to upload your deface also :D

Here are some site For Practicing ....  
http://www.houtai123.cn/
http://news.rhvacnet.com/
http://israelshamir.net/
http://intellectual.members.easyspace.com/
http://hoodstarsports.com/
http://jennylo.co.uk/
http://hurrelvisualarts.com/

Soon i will post list of Vuln. sites of IIS Exploit/....
Read more

Jumat, 18 April 2014

Reset Samsung Mobile Tracker Code



These Code Reset All Code In Your Samsung Mobile(Any Model)

Samsung Tracker Code Also Reset By These Codes:-
If You Forget Your Code Don't Worry

>> Turn Off Your Mobile
>> Remove The SIM
>> Turn On Your Mobile Without SIM
>> Enter The Code *2767*637# (Universal Unlock Code)(Reset Mobile Tracker Code)
>> Enter The Code *2767*3855#(Full EEPROM Reset)(Reset All Type Of Code)
Read more

Kamis, 17 April 2014

Make free Mobile calls And Fake Call for India, US and Canada with Dingaling


Hey Guyz !..Calling to other number using any number is also called as call spoofing but its not possible in all countries . Here we are going to show you one newly launched App which allows you to call other number using any number and also gives you free minutes to call :D. This App is called DINGALING

What is DINGALING ?
DINGALING is the free calling app for Android or IOS devices and it got web interface also that means if you don't have Android or IOS device then also you can use these amazing features. It has the ability to make free calls to your friends mobile or landline numbers that means your friend need not have the app installed in his smartphone, just enter the phone number in dial pad of app and hit on free call.

Each call have a minimum duration Of:
-10 mins for India 
-30 mins for countries like US, Canada & China.

There are 2 ways in which you can use this service:-

1). Via Web : If you want to call any number using any number(FAKE CALL) then just register to web interface by clicking Here . After successful registration, just login and enjoy free call from Start new call section by putting From and To Numbers.



2).  Via App To App or App To Other Numbers : If you have a Android app then you can use this application freely. You can call any number from your smartphone using this superb app. Main features of this app is that receiver will receive call from same registered number which you registered in dingaling, that means no one can caught you that you are calling him using any third party app.

Note:-

1). You can only use calling to any number using any number by using Web.

2). Upto 10 mins calling allow to Indian numbers and upto 30 mins allowed for US, Canada & China numbers.

3). You can send free sms only to Dingaling app users.

4). Dingaling will show the number that you used during registration .

Hope you like this ..Please leave your Valuable comments and visit again :)
Soure: OMGTricks
Read more

Rabu, 16 April 2014

#OpSriLanka: Hackers from around the world launches Cyber war against Sri Lanka

In protest of attacks taking place on Srilankan Tamils, Hackers hit Srilanka with cyber attack that resulted in defaced of some sites, as well as database being leaked.



"Shawdowforce" who conduct the Operation report that representative from more than 13 teams including Anon Ghost -Indian Haxors Team - Indian Cyber Rakshak - RedCult (Lebanon) - Muslim Cyber Corporation(Indonesia) - Pakistan Haxors Crew - Ip Sova Crew(Malaysia) - Indonesian Red Code -Team - Elite Cyber Army (Philippines) - Afghan Cyber Army - Indian Cyber Devils - Sec~Team-7 - Sec_dark participated in the operation.



Several Government websites were defaced and others were brought down using DDOS. More than 100 websites including websites of  government, big Organisations and local business were defaced too.



This is a part of the joint event that we are conducting #OpSrilanka (April 15-16).  

We will Speak against your government's AirStrike on the "NO FIRE ZONE" !  

We will Speak against the attrocities committed by Srilankan Army on innocent Tamil population !  
We will Speak against the War Crimes committed by your government!  
We will Speak against the Genocide committed by Your Government ! 
stop this !!!!! 
Deface message shows.
afcan-cyber-army-opsrilanka-deface-page


anonghost-opsrilanka-deface-page


indian-cyber-evils-opsrilanka-deface-page

Paste Released by Afghan Cyber Army CLICK HERE
Screenshots showing websites were down during the Operation,
A paste released by the organisers of the Operation:-



At the time of writing the post most of the websites were restored and working back to normal.

Source:- thehackerspoint.com
Read more

Selasa, 15 April 2014

Adobe Reader App for Android Vulnerable to Remote Code Execution



Security on the Android device is getting more high as the new and latest vulnerabilities are addressed. Again one popular app of Android "Adobe Reader" is found to be vulnerable. About 400 million android users have installed Adobe reader on their device. If you are among these, then you must update your Adobe Reader from Google Play store.



Adobe has just released the latest version of Adobe reader after fixing the Remote Code Execution on its previous version. Adobe have published the report for the vulnerability code (CVE-2014-0514) resides in the implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader.

A security researcher Yorick Koster from Securify BV, have noted the vulnerability to Adobe. Explaining the vulnerability, Koster claims that attacker can craft a PDF file with malicious java script that can exploit the victim when he/she open it in affected version of the Adobe Reader.

Successful exploitation allows the attacker, to access the files stored on the Micro SD card and also can read the other personal information present on the device. So it is recommended to update your Adobe Reader from Google Play store.
Read more